GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,809
Erlang: 36
GitHub Actions: 31
Go: 2,393
Maven: 5,000+
npm: 4,026
NuGet: 720
pip: 3,818
Pub: 12
RubyGems: 932
Rust: 988
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
109,748 advisories
A command injection vulnerability exists that can be exploited after authentication in VIGI...
High
Unreviewed
CVE-2025-7723
was published
Jul 22, 2025
An issue was discovered in AlertEnterprise Guardian 4.1.14.2.2.1. One can bypass manager approval...
High
Unreviewed
CVE-2025-31512
was published
Jul 22, 2025
An issue was discovered in AlertEnterprise Guardian 4.1.14.2.2.1. One can bypass manager approval...
High
Unreviewed
CVE-2025-31511
was published
Jul 22, 2025
A maliciously crafted RFA file, when parsed through Autodesk Revit, can force an Out-of-Bounds...
High
Unreviewed
CVE-2025-5042
was published
Jul 22, 2025
A denial of service vulnerability exists in the Distributed Transaction Commit/Abort Operation...
High
Unreviewed
CVE-2025-46354
was published
Jul 22, 2025
A null pointer dereference vulnerability exists in the net_connectmsg Protocol Buffer Message...
High
Unreviewed
CVE-2025-36520
was published
Jul 22, 2025
A null pointer dereference vulnerability exists in the Distributed Transaction component of...
High
Unreviewed
CVE-2025-48498
was published
Jul 22, 2025
Path Traversal in restore_run_backup() in AIM 3.28.0 allows remote attackers to write arbitrary...
High
Unreviewed
CVE-2025-51463
was published
Jul 22, 2025
Path Traversal vulnerability in onnx.external_data_helper.save_external_data in ONNX 1.17.0...
High
Unreviewed
CVE-2025-51480
was published
Jul 22, 2025
Remote Code Execution in letta.server.rest_api.routers.v1.tools.run_tool_from_source in letta-ai...
High
Unreviewed
CVE-2025-51482
was published
Jul 22, 2025
A vulnerability was found in Shenzhen Libituo Technology LBT-T300-T310 2.2.3.6. It has been rated...
High
Unreviewed
CVE-2025-8019
was published
Jul 22, 2025
Improper access control in secure message component in Devolutions Server allows an authenticated...
High
Unreviewed
CVE-2025-6741
was published
Jul 22, 2025
Use of weak credentials in emergency authentication component in Devolutions Server allows an...
High
Unreviewed
CVE-2025-6523
was published
Jul 22, 2025
A null pointer dereference vulnerability exists in the CDB2SQLQUERY protocol buffer message...
High
Unreviewed
CVE-2025-35966
was published
Jul 22, 2025
A denial of service vulnerability exists in the Bloomberg Comdb2 8.1 database when handling a...
High
Unreviewed
CVE-2025-36512
was published
Jul 22, 2025
A vulnerability was found in Tenda AC7 15.03.06.44. It has been classified as critical. Affected...
High
Unreviewed
CVE-2025-8017
was published
Jul 22, 2025
Ai2 playground web service (playground.allenai.org) LLM chat through 2025-06-03 is vulnerable to...
High
Unreviewed
CVE-2025-51865
was published
Jul 22, 2025
The Ajax Load More plugin before 2.8.1.2 does not have authorisation in some of its AJAX actions,...
High
Unreviewed
CVE-2015-10140
was published
Jul 22, 2025
An authorization bypass vulnerability exists in ETQ Reliance (legacy CG and NXG SaaS platforms)....
High
Unreviewed
CVE-2025-34140
was published
Jul 22, 2025
Authentik has insufficient check for account active status when authenticating with OAuth/SAML Sources
High
CVE-2025-53942
was published
for
goauthentik.io
(Go)
Jul 22, 2025
Kyverno's Improper JMESPath Variable Evaluation Lead to Denial of Service
High
CVE-2025-47281
was published
for
github.com/kyverno/kyverno
(Go)
Jul 22, 2025
Active Debug Code vulnerability in ABB Switch Actuator 4 DU-83330, ABB Switch actuator, door...
High
Unreviewed
CVE-2025-7705
was published
Jul 22, 2025
The Orion Login with SMS plugin for WordPress is vulnerable to Authentication Bypass in all...
High
Unreviewed
CVE-2025-7692
was published
Jul 22, 2025
WRC-BE36QS-B and WRC-W701-B contain an improper neutralization of special elements used in an OS...
High
Unreviewed
CVE-2025-53472
was published
Jul 22, 2025
The Nginx Cache Purge Preload plugin for WordPress is vulnerable to Remote Code Execution in all...
High
Unreviewed
CVE-2025-6213
was published
Jul 22, 2025